If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

I completely agree every forum will have exploits. PhpBB, Invision Board, vBulletin, any of them. I personally only use phpBB. I would recomend jconserv.net if you need a free host, they update phpbb within a few days of a new version being released.

phpBB is pretty secure, just grab the latest build, and remember to keep it updated.
And if you have to install custom templates just make sure that they are from a official site.
As you get rogue coders whom add a little special code into the template that can give them admin access..

Ive adminstrated many of the major forum software, including vBulletin, invision, and phpBB. I would say by far the best is vBulletin from a feature standpoint, and a security standpoint. while vB does have exploits released now and then, i havent seen that many exploits used. This was on a major? hacking site with hundreds of thousands of visitors.

but you have to pay for vB, which is why i would go next to invision, its got not quite as many features but its still got many. not quite as easy to use if i remember correctly, but still not that hard. I found it very resource intensive on both the clients browser, and the server.

phpBB is free and simple to use. not very feature filled and generally restricted to a smaller forum size. while i have seen major websites running on phpBB, not many are around, not quite as resource friendly as vB but still better than invision in my experience. In the next major release though they have turned phpBB into a major contender for vB. When the next release is made (v2.3.x i think) it will be a much superior forum. dont know how far away that release is though. ive run snapshots of the future release and its looking very nice. of course with this next release itll probably be a few releases until the major vulns are fully worked out. ive noticed with phpBB that the first few releases of a major version tend to be a tad insecure.

the current version of phpBB has been around a while and i havent seen a lot of vulns lately, but ive been out of that community for quite a while now

and yes, the site phpBB HACKS is a mod site for phpbb, not a list of vulns lol